Create, delete, and manage objects in Microsoft Active Directory, such as users, groups, and computers.

Request apps on the Store

Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

Integration Hub subscription

This spoke requires an Integration Hub subscription. For more information, see Legal schedules - IntegrationHub overview.

Spoke version

Microsoft Active Directory v2 spoke v2.3.0 is the latest version.

Supported versions

This spoke was built for Microsoft Active Directory.

Spoke requirements

Ensure that Active Directory Web Services (ADWS) is deployed on the same server where Microsoft Active Directory is installed, and that the MID Server can access ADWS on port 9389. For more information about ADWS deployment, see Microsoft documentation.

On the MID Server and the Microsoft Active Directory v2 server, run the following PowerShell commands to install the Active Directory module:

PS> Import-Module ServerManager
PS> Install-WindowsFeature -Name RSAT-AD-PowerShell
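
A preflight check for the requirements stated on this page (Active Directory module installed, ADWS reachable on port 9389, MID Server not installed on the Active Directory server), meant to be run on the MID Server host. This is an added example, not ServiceNow's code; the host name is a placeholder, and the final query runs as the current user rather than with the spoke's credential alias.

```powershell
# Added example: preflight check to run on the MID Server host.
# $AdServer is a placeholder (assumption); replace it with your AD server's FQDN.
param(
    [string]$AdServer = 'dc01.example.internal'  # hypothetical host name
)

$results = [ordered]@{}

# 1. The Active Directory module installed by RSAT-AD-PowerShell must be present.
$moduleFound = [bool](Get-Module -ListAvailable -Name ActiveDirectory)
$results['AD PowerShell module available'] = $moduleFound

# 2. The MID Server must reach ADWS on TCP 9389.
$tcp = Test-NetConnection -ComputerName $AdServer -Port 9389 -WarningAction SilentlyContinue
$results['ADWS reachable on TCP 9389'] = $tcp.TcpTestSucceeded

# 3. The MID Server and Active Directory must be on different servers.
#    Win32_ComputerSystem.DomainRole 4 or 5 means this host is a domain controller.
$role = (Get-CimInstance -ClassName Win32_ComputerSystem).DomainRole
$results['MID Server host is not a domain controller'] = ($role -lt 4)

# 4. ADWS answers a real query (as the current user, not the spoke's credential alias).
$results['ADWS answers Get-ADDomain'] = $false
if ($moduleFound -and $tcp.TcpTestSucceeded) {
    try {
        Import-Module ActiveDirectory -ErrorAction Stop
        $null = Get-ADDomain -Server $AdServer -ErrorAction Stop
        $results['ADWS answers Get-ADDomain'] = $true
    } catch {
        Write-Warning "Get-ADDomain failed: $($_.Exception.Message)"
    }
}

# Print one PASS/FAIL line per check and exit non-zero if any check failed.
$results.GetEnumerator() | ForEach-Object {
    '{0,-45} {1}' -f $_.Key, $(if ($_.Value) { 'PASS' } else { 'FAIL' })
}
if ($results.Values -contains $false) { exit 1 }
```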

Spoke dependencies

If you’re having trouble installing the app, ensure that these dependent plugins are installed:
  • Complex Object (com.glide.cobject)
  • ServiceNow IntegrationHub Runtime (com.glide.hub.integration.runtime)
  • IHUB Spoke Util Pack (com.snc.ihub_spoke_util_pack)
  • ServiceNow IntegrationHub Action Step - PowerShell (com.glide.hub.action_step.powershell)
Note: If used outside the spoke implementation, some of these plugins are licensable features and require licenses.

Spoke actions

The Microsoft Active Directory v2 spoke provides actions to automate tasks when events occur in your ServiceNow instance. Available actions include:

| Category | Action | Description |
|---|---|---|
| Group Management | Add Computer to Groups | Adds the computer account to one or more groups in the Active Directory (AD). |
| Group Management | Add Computers to Group | Adds one or more computer accounts to the group in the Active Directory (AD). |
| Group Management | Add User to Groups | Adds a user to one or more groups in the Active Directory (AD). |
| Group Management | Add Users to Group | Adds one or more user accounts to the group in the Active Directory (AD). |
| Group Management | Create Group | Creates the group in the Active Directory (AD). |
| Group Management | Delete Group | Deletes the group from the Active Directory (AD). |
| Group Management | Does Group Exists | Checks whether the group exists in the Active Directory (AD). |
| Group Management | Is User in Group | Checks if an existing user is already a member of a group in the Active Directory (AD). |
| Group Management | Look up Group | Retrieves the group from the Active Directory (AD). |
| Group Management | Remove Computer from Groups | Removes the computer account from one or more groups in the Active Directory (AD). |
| Group Management | Remove Computers from Group | Removes one or more computers from the group in the Active Directory (AD). |
| Group Management | Remove User from Groups | Removes a user from one or more groups in the Active Directory (AD). |
| Group Management | Remove Users from Group | Removes one or more users from the group in the Active Directory (AD). |
| User Authentication | Change User Password | Changes the user's password in the Active Directory (AD). The password has to match the AD password requirements. |
| User Authentication | Look up User Password Expiration Details | Retrieves the password expiration details for the user from the Active Directory (AD). |
| User Authentication | Generate Random Password | Generates the random password according to the Active Directory (AD) password policy. |
| User Authentication | Is User Locked | Checks the locked status of the user account in the Active Directory (AD). |
| User Authentication | Reset User Password | Resets the password of the user in the Active Directory (AD). |
| User Authentication | Unlock User | Unlocks the user account in the Active Directory (AD). |
| Computer Management | Create Computer | Creates a computer account in the Active Directory (AD). |
| Computer Management | Disable Computer | Disables the computer account in the Active Directory (AD). |
| Computer Management | Does Computer Exists | Checks the status of the computer account in the Active Directory. |
| Computer Management | Is Computer Disabled | Checks the status of the computer account in the Active Directory (AD). |
| Computer Management | Enable Computer | Enables the computer account in the Active Directory (AD). |
| Computer Management | Look up Computer | Retrieves a computer account from the Active Directory (AD). |
| Computer Management | Update Computer | Updates a computer account in the Active Directory (AD). |
| Computer Management | Delete Computer | Deletes a computer account from the Active Directory (AD). |
| Object Management | Create Object | Creates an object account in the Active Directory (AD). |
| Object Management | Update Object OU | Updates the Organizational Unit (OU) of an object account in the Active Directory (AD). |
| Object Management | Update Object Expiration | Updates the account expiration date of the object account in the Active Directory (AD). |
| Object Management | Look up Object by Filter | Retrieves object accounts based on a search filter in the Active Directory (AD). |
| Object Management | Delete Object | Deletes an object account from the Active Directory (AD). |
| User Management | Delete User | Deletes the user from Active Directory (AD). |
| User Management | Create User | Creates a user account in the Active Directory (AD) and sets a password. Note: From Microsoft Active Directory v2 spoke v2.1.1 onwards, these changes are applicable: Sam Account Name is available in the Additional Fields drop-down; when a user is created, the User Principal Name (UPN) is generated in this format: <username>@<DNS-domain-name>. |
| User Management | Disable User | Disables a user account in Active Directory (AD). |
| User Management | Does User Exists | Checks whether the user account exists in Active Directory (AD). |
| User Management | Update User | Updates a user account in the Active Directory (AD). |
| User Management | Enable User | Enables a user account in Active Directory (AD). |
| User Management | Look up User | Retrieves a user account from the Active Directory (AD). |
| User Management | Is User Disabled | Checks if the user account is inactive in Active Directory (AD). |
| User Management | Get User Additional Fields (Metadata) | Retrieves information from the additional fields in a user account from the Active Directory (AD). |

Note: This spoke isn't tested with a load balancer.

Connection and credential alias requirements

Integration Hub uses aliases to manage connection and credential information. Using an alias eliminates the need to configure multiple credentials and connection information profiles when using multiple environments. If the connection or credential information changes, you don't need to update any actions that use the connection. For more information, see Connections and Credentials.

For information about setting up the spoke, see Set up the Microsoft Active Directory v2 spoke.

MID Server requirements

To use these actions, your instance must have a MID Server set up and configured to use PowerShell. For more information about running actions on the MID Server, see Integration steps. For more information about the MID Server, see MID Server.

To set up the MID Server for this spoke, see Set up MID Server for a spoke.

Note: You must install the MID Server and Microsoft Active Directory on different servers.